This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json) Hash identifier: IhetzdjxeJKPMaj6PYlrFkpNNtYf2bo/5RGCmRvsBO4= Subject key identifier: E7:2E:F5:02:AA:42:B1:09:89:A0:11:49:10:B9:41:B7:47:3C:83:23 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 06B8648A214576B4570A1A386907EB0FBA26278B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa Signing time: Thu 11 Dec 2025 00:00:11 +0000 ROA not before: Thu 11 Dec 2025 00:00:11 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:b8:64:8a:21:45:76:b4:57:0a:1a:38:69:07:eb:0f:ba:26:27:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 11 00:00:11 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=b40f8542d0d4eafe01f432d7624b7d3b17a976183df632305181f71759b8270b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:4d:28:14:f8:af:5e:fa:7c:78:82:28:3c:a6: 1f:a2:7b:6b:c4:f6:27:48:6f:3b:db:ad:20:85:82: d8:1a:ee:d0:cf:2b:7b:59:d7:b6:2e:42:65:90:80: 30:16:7c:0d:ba:00:93:13:a5:be:f0:83:5f:1f:87: ff:e6:93:e4:61:cb:63:69:34:cf:4a:3f:ad:01:e7: de:21:cb:86:1b:7d:a0:26:19:9e:5e:cf:33:48:6a: 5e:9c:00:59:8b:bb:17:94:e3:50:3f:80:1e:2e:88: 6c:e3:72:6d:87:8b:74:df:3e:97:a8:d7:a9:1f:ce: 0c:a6:30:07:51:50:64:b6:67:87:9e:10:14:b6:f7: a6:ef:8f:7d:22:1e:55:4e:86:9e:1c:d3:84:5e:dd: 26:ea:35:1a:95:75:08:d1:bd:70:04:74:3e:e8:c8: fb:a9:0d:d9:10:6a:85:02:21:1e:37:bb:4e:30:24: f0:a4:af:42:c3:28:40:a8:67:07:c6:82:a0:d7:29: 5c:aa:d4:f4:01:2c:2a:b8:22:97:e4:25:f8:7e:33: 35:3f:31:6d:08:d2:d2:27:45:fb:df:a2:d3:30:51: 66:77:97:ce:82:00:15:0f:31:b2:b0:50:07:96:06: e5:e6:17:23:26:0b:78:d7:92:fe:ef:45:63:df:11: da:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:2E:F5:02:AA:42:B1:09:89:A0:11:49:10:B9:41:B7:47:3C:83:23 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.0.0/17 Signature Algorithm: sha256WithRSAEncryption ac:7a:fe:35:9e:2f:50:e1:35:e6:ab:62:48:ed:29:1a:cc:ce: 19:db:29:fd:1c:ec:f7:0e:35:88:13:28:0e:25:8c:c9:30:03: 30:a5:92:9a:43:5d:04:1f:11:51:6e:7d:cc:28:35:ca:a1:d3: 30:74:32:bb:68:85:54:e0:3b:b6:4b:86:1d:ed:a9:fb:ce:16: 71:a6:30:03:68:cb:1c:e2:db:4b:4c:66:a1:7d:4e:a1:ee:8d: 00:6d:64:9d:e2:86:ae:ad:7d:89:b5:2a:e0:05:93:bd:ea:1e: ab:24:85:d2:55:13:44:52:31:32:26:98:71:4a:73:04:3c:a8: b9:2b:39:d1:66:1a:2d:22:4f:40:2d:83:c1:57:4c:7a:25:69: cc:ad:28:8d:c6:98:bf:43:38:b7:33:b1:93:fa:94:bc:33:58: 4f:ba:50:9a:a2:a1:84:37:a5:5b:3c:16:a0:8b:4b:6c:7b:59: 24:00:17:b0:7a:22:17:d8:a3:b9:b1:f2:ea:f5:81:32:fb:79: 7c:e9:6c:13:d0:01:0d:c5:e5:12:12:6b:7f:7e:79:63:ef:a0: 16:1f:da:d2:64:c6:e7:72:b2:71:3e:eb:87:28:bf:23:0d:0d: 7e:d8:7d:b2:ba:d0:9f:a1:9b:60:2e:cc:fa:00:e8:3f:04:cb: 20:eb:b2:02 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUBrhkiiFFdrRXCho4aQfrD7omJ4swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTEwMDAwMTFaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQGI0MGY4NTQyZDBkNGVhZmUwMWY0MzJkNzYyNGI3ZDNiMTdhOTc2MTgzZGY2 MzIzMDUxODFmNzE3NTliODI3MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNNKBT4r176fHiCKDymH6J7a8T2J0hvO9utIIWC2Bru0M8re1nXti5CZZCA MBZ8DboAkxOlvvCDXx+H/+aT5GHLY2k0z0o/rQHn3iHLhht9oCYZnl7PM0hqXpwA WYu7F5TjUD+AHi6IbONybYeLdN8+l6jXqR/ODKYwB1FQZLZnh54QFLb3pu+PfSIe VU6GnhzThF7dJuo1GpV1CNG9cAR0PujI+6kN2RBqhQIhHje7TjAk8KSvQsMoQKhn B8aCoNcpXKrU9AEsKrgil+Ql+H4zNT8xbQjS0idF+9+i0zBRZneXzoIAFQ8xsrBQ B5YG5eYXIyYLeNeS/u9FY98R2sECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTnLvUC qkKxCYmgEUkQuUG3RzyDIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN BgkqhkiG9w0BAQsFAAOCAQEArHr+NZ4vUOE15qtiSO0pGszOGdsp/Rzs9w41iBMo DiWMyTADMKWSmkNdBB8RUW59zCg1yqHTMHQyu2iFVOA7tkuGHe2p+84WcaYwA2jL HOLbS0xmoX1Ooe6NAG1kneKGrq19ibUq4AWTveoeqySF0lUTRFIxMiaYcUpzBDyo uSs50WYaLSJPQC2DwVdMeiVpzK0ojcaYv0M4tzOxk/qUvDNYT7pQmqKhhDelWzwW oItLbHtZJAAXsHoiF9ijubHy6vWBMvt5fOlsE9ABDcXlEhJrf355Y++gFh/a0mTG 53KycT7rhyi/Iw0Nfth9srrQn6GbYC7M+gDoPwTLIOuyAg== -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:35 2025 by rpki-client